AI-SPM bolsters Singularity Cloud Security portfolio to create visibility into AI services usage, detecting misconfigurations and vulnerabilities in AI applications, and determining potential attack paths
SentinelOne has announced new AI-SPM capabilities to protect and secure the use of AI services in the workplace. The new offering will expand SentinelOne’s Singularity Cloud Security portfolio to give customers visibility into – and protection over – both known and shadow AI cloud services running in their environment. SentinelOne AI-SPM will help security teams discover the entire inventory of AI applications and models being used, detect and pinpoint AI service misconfigurations and vulnerabilities, and gain visibility into potential attack paths related to AI workloads. As a result, organizations can confidently embrace AI’s transformative productivity benefits and competitive advantages while mitigating the security, privacy, and regulatory compliance risks inherent in cloud-based AI applications and models.
Early adopter access is available now for SentinelOne customers, with general availability expected in early 2025.
In May 2024, a global McKinsey survey found that 65 percent of organizations were using generative AI in at least one business function – up nearly double from 33 percent in 2023 – and 50 percent were already using generative AI across multiple functions. To meet this demand, all major public cloud service providers, including Amazon Web Services, Google Cloud, and Microsoft Azure, have introduced simple ways to build, train, and host generative AI applications in the cloud.
“The power and benefits of generative AI are undeniable. Yet, the very tools and cloud services that simplify and accelerate GenAI adoption are simultaneously opening up a brand new attack surface and potential regulatory risk,” said Ely Kahn, Vice President of Product Management at SentinelOne. “With AI-SPM, we’re empowering customers to unleash the distinct advantages of GenAI, while giving security teams the visibility, insight, and tools needed to protect the sensitive data behind these powerful cloud applications.”
A new solution within SentinelOne’s Singularity Cloud Security portfolio, AI-SPM builds on the comprehensive CNAPP capabilities in the Singularity platform by introducing the ability to:
- Discover and gain visibility into known and shadow AI pipelines and models – SentinelOne AI-SPM discovers all the AI services, training, deployed models, and pipelines from cloud services like AWS (Amazon SageMaker and Amazon Bedrock), Google Cloud (Google Vertex AI) and Microsoft Azure (Microsoft Azure OpenAI).
- Detect and identify vulnerabilities and misconfigurations in AI infrastructure – The SentinelOne AI-SPM provides insights into any misconfigurations in AI services to protect against inadvertent exposure that could lead to possible data exfiltration and unauthorized access to AI models and services.
- Visualize and analyze potential attack paths – SentinelOne’s graph explorer visualizes attack paths related to AI-based workload alerts to showcase graphically how an adversary could traverse the customer’s environment and potentially move laterally to gain access to resources.
- Manage and mitigate compliance risks—Focus on data policies that contribute to company-level compliance and risk baselines as part of a greater assessment against regulatory standards like the EU AI Act and NIST’s Artificial Intelligence Risk Management framework.